Late Wednesday, the Securities and Exchange Commission said that it discovered last month that a 2016 hack of its computer filing system for publicly traded companies "may have provided the basis for illicit gain through trading." The "software vulnerability in the test filing component of the commission's EDGAR system" has been patched, and while the "intrusion" was discovered last year, the SEC said, it only learned about the possible use of pilfered information to trade stocks for illegal profit after SEC Chairman Jay Clayton ordered a cybersecurity review in May 2017.
The SEC statement did not say why the agency didn't disclose the breach last year, when the system was hacked, or whether specific companies were targeted. The SEC is the federal government's main Wall Street regulator. "Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic," Clayton said. "We must be vigilant. We also must recognize — in both the public and private sectors, including the SEC — that there will be intrusions, and that a key component of cyber risk management is resilience and recovery." Peter Weber
The 2016 election saw America's voter rolls swell to more than 200 million registered voters for the first time ever, and about 198 million of those people had their voter data exposed by a Republican National Committee contractor called Deep Root Analytics.
The breach was discovered by Chris Vickery, a digital security researcher, who reported the exposure to DRA so the data could be secured. The 25 terabytes of information were stored on an Amazon cloud account that could be accessed (and in some cases downloaded) without a login. The data set included voters' "names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as [algorithm-predicted] voter ethnicities and religions."
"We take full responsibility for this situation," DRA said in a statement.
This is not the first time Vickery has found a massive potential leak of voter data. In 2015, he discovered 191 million exposed voter records held by another contractor, Nation Builder, which also works with GOP candidates. Bonnie Kristian